But apparently the EU itself can't be bothered with complying with its own rules.

As reported by ZDNet's Zack Whittaker, websites for EU institutions like the European Parliament and European Commission are still using cookies, but they're not in compliance.

Whittaker writes:

On all European Union institution websites, you will be lucky to find a single page that asks the visitor for permission to set cookies. But they’re using them all the same.

Although there's an argument to be made that (technically) these EU institutions may not be covered by the cookie law, that argument probably doesn't hold water. As Stewart Room of Field Fisher Waterhouse LLP explained to ZDNet:

The EU is bound by the 2001 Data Protection Regulation (45/2011) — not to be confused with the draft Data Protection Regulation 2012 — and there are strong grounds to suspect that some parts of the EU’s cookie use constitutes the processing of personal data.

Some agencies appear to be aware that the rules apply to them, and are surprised that they're not in compliance. "If there is proof of a part of the EU institutions not being transparent about cookies, please let us know, so we can work to address it," a spokesperson for the Digital Agenda Commissioner told Whittaker.

The irony here is laughable, but also sad. Legitimate businesses wanting to stay on the right side of the law have spent significant amounts of time and money dealing with the EU cookie law, which isn't the first headache-inducing law the EU has implemented and almost certainly won't be the last.

But if the EU itself won't abide by its own laws, some might eventually ask: should anybody?

Comments (2)

This is an absolutely farce.
We spent a fair amount of time and money in order to comply with it. In the UK, the primary ICO guideline which they revised 1 day before the deadline.

I quote "At present evidence demonstrates that general awareness of ... cookies is simply not high enough for websites to rely entirely ... on implied consent" (ICO, "guidance on the rules on use of cookies and similar technologies", version 2, Dec 2011).

It seems that 5 month was more than enough to increase the "general awareness", making the "explicit consent" not necessary.

In other countries, we do not even know what is happening. Germany has not expressed how they were thinking of implementing it yet... and they are not the only ones.

How about other websites who are administered by extra-EU owners? Are they going to have to change their websites as well in order to comply if they are addressing to EU customers?

A perfect example of a digital project failure on an European scale... and surely a bit too late to find out that it was a terrible mistake.

K.

over 4 years ago

Matt Bragg, Strategic Business Director at Adobe

My favorite is www.europeanlawmonitor.org This is I believe part EU funded and is part of EU Direct as the local feed for Hampshire. See any pop-ups? Any warning on privacy policy or cookies? If you don't I think you should do your civic duty and report them to the ICO. If they get enough complaints they would have to investigate and what a story that would make.

Enjoying this article?

Get more just like this, delivered to your inbox.

Keep up to date with the latest analysis, inspiration and learning from the Econsultancy blog with our free Daily Pulse newsletter. Each weekday, you
ll receive a hand-picked digest of the latest and greatest articles, as well as snippets of new market data, best practice guides and trends research.